如何阻止 kubernetes 向 usage.projectcalico.org 报告?
How to stop kubernetes from reporting to usage.projectcalico.org?
我发现我的 kubernetes 集群正在向 usage.projectcalico.org 发送报告,如何禁用它以及它如何使用 usage.projectcalico.org?
根据源码:
# Disable Usage Reporting to usage.projectcalico.org
# We want to avoid polluting analytics data with unit test noise
curl_etcd("calico/v1/config/UsageReportingEnabled",
options=["-XPUT -d value=False"], ip=ip)
这里是 curl_etcd
的定义
def curl_etcd(path, options=None, recursive=True, ip=None):
"""
Perform a curl to etcd, returning JSON decoded response.
:param path: The key path to query
:param options: Additional options to include in the curl
:param recursive: Whether we want recursive query or not
:return: The JSON decoded response.
"""
if options is None:
options = []
if ETCD_SCHEME == "https":
# Etcd is running with SSL/TLS, require key/certificates
rc = check_output(
"curl --cacert %s --cert %s --key %s "
"-sL https://%s:2379/v2/keys/%s?recursive=%s %s"
% (ETCD_CA, ETCD_CERT, ETCD_KEY, ETCD_HOSTNAME_SSL,
path, str(recursive).lower(), " ".join(options)),
shell=True)
else:
rc = check_output(
"curl -sL http://%s:2379/v2/keys/%s?recursive=%s %s"
% (ip, path, str(recursive).lower(), " ".join(options)),
shell=True)
return json.loads(rc.strip())
Felix 是发送使用信息的 Calico 组件。
Felix 可以 configured 禁用使用 ping。
在calico-node DaemonSet
中设置FELIX_USAGEREPORTINGENABLED环境变量可以是"false"(需要是yaml中的字符串!)
将 FelixConfiguration 资源中的 UsageReportingEnabled 字段设置为 false。这可能在 etcd 或 Kubernetes API 中,具体取决于您使用的存储。都可以用 calicoctl.
修改
calicoctl patch felixConfiguration default \
--patch='{"spec": {"UsageReportingEnabled": false}}'
如果您碰巧使用 kubespray,修改此设置会有点困难,因为这些变量不会暴露给 Ansible,除非手动修改 templates or yaml.
我发现我的 kubernetes 集群正在向 usage.projectcalico.org 发送报告,如何禁用它以及它如何使用 usage.projectcalico.org?
根据源码:
# Disable Usage Reporting to usage.projectcalico.org
# We want to avoid polluting analytics data with unit test noise
curl_etcd("calico/v1/config/UsageReportingEnabled",
options=["-XPUT -d value=False"], ip=ip)
这里是 curl_etcd
def curl_etcd(path, options=None, recursive=True, ip=None):
"""
Perform a curl to etcd, returning JSON decoded response.
:param path: The key path to query
:param options: Additional options to include in the curl
:param recursive: Whether we want recursive query or not
:return: The JSON decoded response.
"""
if options is None:
options = []
if ETCD_SCHEME == "https":
# Etcd is running with SSL/TLS, require key/certificates
rc = check_output(
"curl --cacert %s --cert %s --key %s "
"-sL https://%s:2379/v2/keys/%s?recursive=%s %s"
% (ETCD_CA, ETCD_CERT, ETCD_KEY, ETCD_HOSTNAME_SSL,
path, str(recursive).lower(), " ".join(options)),
shell=True)
else:
rc = check_output(
"curl -sL http://%s:2379/v2/keys/%s?recursive=%s %s"
% (ip, path, str(recursive).lower(), " ".join(options)),
shell=True)
return json.loads(rc.strip())
Felix 是发送使用信息的 Calico 组件。
Felix 可以 configured 禁用使用 ping。
在calico-node DaemonSet
FELIX_USAGEREPORTINGENABLED环境变量可以是"false"(需要是yaml中的字符串!)
将 FelixConfiguration 资源中的 UsageReportingEnabled 字段设置为 false。这可能在 etcd 或 Kubernetes API 中,具体取决于您使用的存储。都可以用 calicoctl.
calicoctl patch felixConfiguration default \
--patch='{"spec": {"UsageReportingEnabled": false}}'
如果您碰巧使用 kubespray,修改此设置会有点困难,因为这些变量不会暴露给 Ansible,除非手动修改 templates or yaml.